package edu.neumont.MillerK.Web.Servlet;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.annotation.Resource;
import javax.persistence.Cache;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.PersistenceUnit;
import javax.persistence.PersistenceUnitUtil;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.metamodel.Metamodel;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.transaction.UserTransaction;

import edu.neumont.MillerK.POJOs.CreateUserException;
import edu.neumont.MillerK.POJOs.Security;
import edu.neumont.MillerK.Web.DBQueries.DBQueries;
import edu.neumont.MillerK.Web.Entities.User;
import edu.neumont.MillerK.Web.Entities.Location;

/**
 * Servlet implementation class CreateUserServlet
 */
@WebServlet("/NewUser")
public class CreateUserServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
	
	@Resource
	UserTransaction utx;
	
	@PersistenceUnit
	EntityManagerFactory emf;
	
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		request.getRequestDispatcher("/WEB-INF/views/CreateNewUser.jsp").forward(request,response);
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		DBQueries dbQueries = new DBQueries(emf, utx);
		Security security = new Security();
		String emailUsername = request.getParameter("username");
		String password = request.getParameter("password");
		String verifyPassword = request.getParameter("verifiedPassword");
		try {
			if(!fieldsExist(emailUsername, password, verifyPassword)){
				throw new CreateUserException("Input field doesn't exist...");
			}else if(fieldsEmpty(emailUsername, password, verifyPassword)){
				throw new CreateUserException("No fields can be empty");
			}else if(dbQueries.getUser(emailUsername) != null){
				throw new CreateUserException("Email/Username is already in use");
			}else if(!password.equals(verifyPassword)){
				throw new CreateUserException("Password fields must match");
			}else{
				String salt = security.generateSalt(password.length());
				User newUser = null;
				try {
					newUser = new User(emailUsername, security.SHAHash(password+salt), salt);
				} catch (NoSuchAlgorithmException e) {
					throw new CreateUserException("Password hashing problem...");
				}
				if(newUser != null){
					dbQueries.createUser(newUser);
					response.sendRedirect("Home");
				}
			}
		} catch (CreateUserException e) {
			request.setAttribute("error", e.getMessage());
			doGet(request, response);
		}
	}
	
	private boolean fieldsExist(String username, String pass, String verifyPass){
		boolean fieldsExist = true;
		if(username == null || pass == null || verifyPass == null)
			fieldsExist = false;
		return fieldsExist;
	}
	
	private boolean fieldsEmpty(String username, String pass, String verifyPass){
		boolean areEmpty = false;
		if(username.isEmpty() || pass.isEmpty() || verifyPass.isEmpty())
			areEmpty = true;
		return areEmpty;
	}
}
